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(54) SECURITY SYSTEM FOR SOFTWARE 

(57) A software protection system is proposed in 
which the use of software, by a simple operation, is 
allowed for only the authorized users, ttie use by tiie 
other users being excluded, and a dishonest alteration 
of a software is detected and an alarmed raised. There 
are provided a software supplier portion for preparing to 
supply a programto a software administration center por- 
tion and a user portioa the software administration 
center portion for converting the supplied program and 



preparing to supply this converted program to tiie user 
portion, and a user portion for converting the supplied 
program, conparing this converted program with tiie 
converted program supplied from the software adminis- 
tration center portion and, only when these compared 
converted programs coincide, carrying out program exe- 
cution. 



12 



Fig .1 

w 



S(o) 



311 



312 



5(SC) 



2, -^- ^ E^a/pn^ 

OPWfaBIDM I — *j EBCaTFIIOl |— ^ »l BBCnr 



-it 



314 
P(SC) 



"ft 3^ 



> 



SOPlVUai inCDZSDUTIQN 



32 



s 



Q. 

UJ 



Primod by flank Xerm (UK) Busindss Services 
2.12.4A4 



1 



EP0718756A1 



2 



Description 
TECHNICAL FIELD 

The present invention relates to a system for protect- s 
ing software. The system according to the present inven- 
tion is used, for exanrple, for protecting software, such 
as application software, an operating system, or the like 
and for protecting software against infection by a soft- 
ware virus. 10 

BACKGROUND ART 

Unautiiorized copying of application programs, 
operating system software and utility programs is a pre- is 
vailing problem, and yet no good metiiod to prevent such 
unautiiorized copying has been found. Also, r>o satisfac- 
tory way to protect software against the invasion of a so- 
called software virus, which is a malicious program 
devised to dishonestly alter or destroy software, has 20 
been found. Thus, a suitable metiiod and way to realize 
protection of software has been sought 

DISCLOSURE OF THE INVENTION 

25 

An object of the present invention is to realize a soft- 
ware protection system in which the use of software by 
a simple operation is allowed for only authorized users, 
the use by tiie other users being excluded, and a dishon- 
est alteration of a software can be detected and an alarm 30 
raised. 

According to the present invention, there is provided 
a system for protecting software comprising: a software 
supplier portion for preparing to supply a program to a 
software administration center portion and a user por- 35 
tion; tiie software administration center portion con- 
nected to said software supplier portion for converting 
the supplied program in a predetermined manner and 
preparing to supply tills converted program to the user 
portion: and the user portion connected to said software 40 
supplier portion and said software administration center 
portion, during use of the program, for converting the 
supplied program in a predetermined manrmr, compar- 
ing tills converted program with the converted program 
supplied from said software administration center por- 45 
tion, and, only when these compared converted pro- 
grams coincide, carrying out program execution. 

Also, according to the present Invention, there is also 
provided a system for protecting software comprising: a 
software supplier portion for enciphering a program by a so 
first key to produce an enciphered program, enciphering 
tiie first toy by a second key to produce tiie enciphered 
first key. supplying this enciphered program to a software 
administration center portion, and making ready for sup- 
plying tiie enciphered program and the enciphered first ss 
key to a user portion; the software administration center 
portion connected to said software supplier portion for 
converting the supplied enciphered program to produce 
the converted enciphered program, endphertng tiiis con- 



verted program by a tiiird key to produce an enciphered 
converted program, enciphering the third key by a fourth 
key to produce the enciphered third key. and preparing 
to supply tiie enciphered converted program and the 
enciphered tiiird k^ to tiie user portion; and the user 
portion connected to said software supplier portion and 
said software administration center portion, during use 
of tiie program, for converting the enciphered program 
in a predetermined manner to produce the converted 
program; deciphering the enciphered tiiird key by a f iftii 
key to produce the deciphered third key. deciphering tiie 
enciphered converted program t>y the third key to pro- 
duce the deciphered converted program, comparing this 
deciphered converted program and the converted pro- 
gram, and. only when these compared converted pro- 
grams coincide, canrying out an execution of the program 
deciphered by the first key deciphered by a sixth key. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Rgure 1 shows an information processing network 
to which a software protection system according to 
an emtxxiiment of the present invention is applied; 
and 

Rg. 2 shows an information processing network to 
wNch a software protection system acoorcfing to 
another embodiment of tiie present invention is 
applied. 

BEST MODE FOR CARRYING OUT THE INVENTION 

An information processing network to which a soft- 
ware protection system according to an emtxxiiment of 
the present invention Is applied is shown in Fig. 1 . In the 
network, there is provided a software house 1 , as a soft- 
ware supplier portion, which includes encryption devices 
1 1 and 12. In the software house 1 , all or a part of tiie 
program P is endphered by a key K, which Is specific to 
the program, to produce tiie enciphered program Pi. 
This endphered program Pi is a program which cannot 
be executed. This enciphered program Pi is registered 
in a software administration center portion 2. 

In accordance with a request from a user portion 3 
which has purchased the enciphered program Pi, the 
key K is enciphered by the user's public key P(u) to pro- 
duce the endphered key Ki, and this endphered key Ki 
is delivered to the user portion 3. 

In the software administration center portion 2. there 
are provided a conversion device 21 and encryption 
devices 22 and 23. In the software administration center 
portion 2, the enciphered program Pi registered by tiie 
software house 1 is compressed by using a type of Hash 
Function to produce the compressed endphered pro- 
gram P2, this compressed enciphered program P2 is 
enciphered by using a key r which is specific for the end- 
phered program Pi to produce the endphered com- 
pressed program P3, and tiiis key r is endphered by 
using a secret key S(sc) of the software administration 
center portion 2 to produce the enciphered key ri. Since 
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the enciphered key n and the enciphered compressed 
program P3 can be prelimi'narity produced without spec- 
ifying the user, these may be contained in the same stor- 
age medium as the storage medium for the enciphered 
program Pi which is sold by the software house 1 . 5 

fn the us^ portion 3, at the time of or after the pur- 
chase of the program, the notification of tiie purchase of 
the program^ as well as the request for the key delivery, 
is conrvnunicated to the sofhivare house 1. The enci- 
phered Ki sent from the software house 1 1s input to 10 
an install software. In the user portion 3, a program exe- 
cution is carried out by using a loader software and tiie 
information carrier device 31. The device 31 is an appa- 
ratus attached to the program execution device 32. To 
the program execution device 32» a keyboard display is 
device, storage of the hard disk type, the magnetic disk 
type and the like, and tiie input/output devices therefor 
may be attached. 

In tiie device 31. tiiere are provided decryption 
devices 311, 312, 315, and 316, a conversion device 20 
314. and a comparison device 317. The device 31 con- 
tains tiie secret key. the decryption program and authen- 
tication program of the user. The device 31 is coupled to 
tiie printer port the RS232C port, on the like, of a per- 
sonal computer by which the user intends to carry out 25 
the program execution so that the decryption of the data 
such as Ki, Pi, ri, and P3 and the autiientication of tiie 
program are carried out. The device 31 may be, for exam- 
ple, an IC card which is connectable to a personal com- 
puter. 30 

The encryption devices 11, 12. 22. and 23 can be 
constituted, for example, by tiie data encryption standard 
(DES), the fast data encipherment algorithm (FEAL) 
(registered trademark), arid the like, but is not limited to 
these examples. These encryption devices may be eitiier 35 
of thesame type or of different types. Eachof thedecryp- 
tion devices 311, 312, 315. and 316 constitutes a pair 
witii each of tiie corresponding encryption devtoes. 
These decryption devices can be constituted by tiie 
decryption algorithm of the data encryption standard 40 
(DES), tiie fast data encipherment algorittim (FEAL), and 
the like, but is not limited to these examples. 

The secret keys S(u) and P(sc) are preliminarily sup- 
plied to the user portion in the manner that tiiese secret 
keys are written in the storage in the device 31 . The con- 45 
version device using the Hash Function may be con- 
tained in the devtoe 31 , or the conversion means may be 
stored, as an algorithm, in the storage medium of the pro- 
gram execution device 32. It is possible to store all or 
some of the enciphered program Pi and the enciphered so 
specific key Ki supplied from tiie software supplier por- 
tion and tiie enciphered key r and tiie enciphered com- 
pressed program P2 supplied from the software 
administration center portion in a magnetic disk, a ran- 
dom access memory RAM, a read only memory ROM. ss 
and a photo magnetic disk in the program execution 
device and to cause the main processing to be carried 
out In the program execution device. 



As tiie metiiod for using the keys for the enciphered 
information, the public key system and the key pre-dis- 
tribution system (KPS) are preferably used. The public 
key system is a system in which a put)lic key. a public file 
concerning the public key, and a secret key are prelimi- 
narily produced, tiie public key is distributed individually, 
and the secret key is administrated confidentially. The 
production and the distribution of tiie public key. the pub- 
Ik; file concerning the public key, and the secret key are 
carried out mainly by the operation of the software 
administration center portion. However, this is not limited 
to such manner, but may be carried out by the user por- 
tion, the software supplier portion, or tiie combination of 
these. The manner of making the concrete content of 
each of the put>lic key and the secret key are put)licly 
known. 

The key pre-distribution system (KPS) is a system 
in which the identifier of tiie other party side is applied to 
the specific secret algorithm of this party side to produce 
a key which is common with the other party side. The 
operatton of tiie production of the secret algoritiim and 
the like is earned out mainly in the software administra- 
tion center portion. The software administration center 
portion individually has the center algorithm. By applying 
the identifiers of the software and the software supplier 
portion, the spedf k; secret algorithm Is produced. 

The method for producing the center algorithm, the 
method for producing the secret algorithm, tiie method 
for producing the common encryption key. and the defi- 
nitions of tiie entity and the identifier are desait>ed, for 
example, in Japanese Unexamined Patent Publication 
Nos. 63-36634. 63-107667, and the like. 

The operation of the software administration center 
portion may be carried out in tiie user portion, the soft- 
ware supplier portion, or the combination of these. The 
above methods for using the above-mentioned keys are 
preferable ones, but are not limited to tiiese methods. As 
the encryption algorithm, the data encryption standard 
method (DES), the fast data endpherment algorithm 
(FEAL) (registered trademark), and the like are used. 

The software handled in the network shown in Fig. 
1 is an application program, an operating system pro- 
gram, a utility program, or the lika The software supplier 
portion in the network shown in Rg. 1 . which is a portion 
for supplying software to the user portion, is an entity for 
supplying, with or without reward, software to the user 
portion, in the form of retailer shop such as a software 
house, a related manufacturer, a retailer shop, a vender, 
a software or device for supplying anotiier software, or 
the like. The software supplier portion may be incorpo- 
rated either in the software administration center portion 
or in the user portion. The software supplier portion may 
assume the position of a user portion, if tiie software sup- 
plier portion is in the position to use a software. The user 
portion in the network shown in Rg. 1 is in the form of 
tiie user itself, a device which the software owned by a 
user causes to carry out a program execution, a device 
attached tiiereto, the software itself, or tiie lika 
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The operation of the network shown in Rg. 1 will be 
explained below. The assumed conditions of the opera- 
tion are that (1) the user portion owns an information car- 
rier device containing the secret key of this user portion. 
(2) the target program will not work if the user is not the 
authorized user, (3) backing-up can be carried out freely, 
and (4) the handling of the virus problem is enak)led 
a chedc for dishonest alteration of the data. 

In the operatton, first, all or a part of the program P 
to be delivered from the software supplier portion 1 to 
the user portion 3 is enciphered by the specific key K by 
using the encryption algorithm such as DES to produce 
the enciphered program After that, the enciphered 
program Pi is registered in the software adnnntstration 
center portion 2. 

In the portion 2. the enciphered program Pi is com- 
pressed by using a Hash Function to produce the com- 
pressed enciphered program P2 which is enciphered by 
using an encryption algorithm such as DES to produce 
the enciphered conrpressed program P3. The key r is 
enciphered by using the secret key S(sc) of the software 
administration center portion 2. 

At the time of. or after the receipt of. Pi. ri. and P3. 
the user portion 3 Informs this receipt to the software 
supplier portk3n 1 and the like. In the software supplier 
portion, the specific key K of the program is enciphered 
by using the public key P(u) of the user portion to produce 
the enciphered key Ki which is delivered to the user por- 
tion. In the user pc^^tion. the installation of Ki, Pi, ri, and 
P3 are cam'ed out by using the exclusive installatbn soft- 
ware. 

In the user portion 3. each time the program execu- 
tion is carried out. Pi is deciphered by the loader soft- 
ware by using the information carrier device 31 to 
produce the program Pi, and the deciphered program is 
converted k)y using the Hash Function to produce the 
conpressed program P2. ri is dedphered by using the 
public key P(sc) of the software administration center 
portion 2 to produce r, and P3 is deciphered by using this 
r to produce the deciphered program P2. This deciphered 
program P2 is compared with the above-mentioned com- 
pressed program P2 so that the checking of whether or 
not a dishonest alteration of Pi has occurred is enabled. 
If the occurrence of a dishonest alteration is detected, it 
is possible to raise an alarm. 

Since the encq>hered algorithm Pi. the enciphered 
key ri. and the enciphered compressed algorithm P3 do 
not have the kientif ication of the user portion 3. rt is pos- 
sible to preliminarily produce the same, and it is possible 
to deliver either from the software supplier portion 1 or 
from the software administration center portk>n 2. 

Preferably, the information carrier device 31 which 
is attached to the program execution device 32 has a 
small size, a light weight, and a shape that does not need 
much space. Alternatively, the information carrier device 
is not necessarily provided arxi the program execution 
device itself may carry out all the operations. 

An information processing network to which a soft- 
ware protection system according to another embodi- 



ment of the present invention is applied is shown in Rg. 
2. in the networii. there is provkied a software hoise 1 . 
as a software supplier portion which includes encryption 
devices 1 1 and 12 and a key formation device 13. In the 

5 software house 1 . all or a part of the program P is enci- 
phered by a key K which is specific to the program to 
produce the enciphered program Pi. This enciphered 
program Pi is a program which cannot be executed. This 
enciphered program Pi is registered in a software admin- 

io istration center portion 2. 

In accordance wrth a request from a user portion 3 
which has purchased the enciphered program Pi. the 
common encryption key K(SI • A) of the key pre-distribu- 
tion system (KPS) is produced by using the kfentifier A 

15 of tiie user portion, the key K is enciphered by using tills 
K(SI • A), and the enciphered key Ki is delivered to tiie 
user portion 3. 

In the software administration center portion 2. there 
are provided a conversion device 21 . encryption devices 

20 22 and 23. and a key formation device 24. In the portion 
2. the endphered program Pi registered by the software 
house 1 is compressed by using a type of Hash Function 
to produce the compressed enciphered program P2, P2 
is enciphered by using a key r which is specific for the 

25 enciphered program Pi to produce the enciphered com- 
pressed program P3. and the key r is enciphered by using 
encryption key K(SI • A) which is common to the software 
supplier portion or the software and the user portion to 
produce tiie enciphered key ri. Since P3 can be prelim- 

30 inarily produced wittiout specifying the user. P3 may be 
contained in the same storage medium as the storage 
medium for the enciphered program Pi which is sold by 
tiie software house 1. In the software administration 
center portion 2, the secret algoritiim owned by tiie soft- 

35 ware supplier portion is either preliminarily heki therein 
or successively t>rought therein. In tiiis regard, it is pos- 
sible that the specific algorithm is owned by the software 
administration center portion. In tills case, when the 
compressed software and tiie like is to be sent to the 

40 user portion, it is possible ttiat the key is produced by 
applying tiie kientifier of the user portion to tiie seaet 
algoritiim of the software administration center portion 
to produce the key, and the key is produced by applying 
the kjentifier of the software administration portion to the 

45 secret algorithm of tiie user portion to produce tiie key 
in tiie user portion. 

In the user portion 3, at the time of using, or after 
purchasing the program, tiie purchasing of the program 
is informed, as a request for delivery of tiie key. to tiie 

so softv^re supplier portion. In the user portion 3. the enci- 
phered key Ki sent fifom tiie software supplier portion 1 
is input in the installation software, and ttie program exe- 
cution is carried out by using the loader produced by tiie 
installation software and tiie information canrier device 

55 31 attached to the program execution device 32. The 
information carrier device 31 is connected to the program 
execution device 32. A keytx>ard, a display device, a hard 
disk storage, a magnetic disk, and input/out devtee 
ttiereof may be attached to ttie program execution devk:e 
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32. In the user portion 3, the identifier S(l) of the software 
supplier portion is suppGed to the key formation device 
313. 

In the infbmnation canrier device 31 , the secret key, 
the dedphenng program, and the authentication pro- s 
gram of the user portion are contained. The information 
carrier 6eAce 31 is adapted to be connected to the 
printer port, the RS232Cport. on the like, on the personal 
conputer by which the user portion intends to carry out 
the program execution so that the decryption of the data io 
such as Ki, Pi. ri, and P3 and the authentication of the 
program are carried out RS232C is a standard issued 
by the by Electronic Industries Association in the USA 
concerning an interface. 

The encryption devices 1 1 , 1 2, 22, and 23 in the net- is 
work of Rg. 2 are constituted by the encryption algorithm 
of the data encryption standard method (DES), the fast 
data encipherment algorithm (FEAL) (registered trade- 
marl^, and the like, but are not limited to these. All of the 
encryption devices may t>e diff^ent ones or the same 20 
one. Each of the decryption devices 31 1, 312, 315, and 
316 constitutes a pair with each of the corresponding 
encryption devices. These decryption devices can be 
constituted by the decryption algorithm of tiie data 
encryption standard (DES). the fast data enciphenment 2s 
algorithm (FEAL), and the like, but are not limited to 
these examples. 

The secret algoritiim is preliminarily supplied to the 
user portion, and Is written in the storage in the informa- 
tion carrier device 31. The conversion device constituted 30 
by the Hash Function owned by the user portion is either 
preliminarily oorrtained in the information carrier device 
or stored as the algoritiim in the storage in the program 
execution device. 

It is possible to store ail or a part of the enciphered 3S 
program Pi, tiie enciphered specific key Ki supplied from 
the software supplier portion 1 . ttie enciphered key ri and 
the enciphered compressed program P3 supplied from 
the software administration center portion 2 on a mag- 
netic disK in a rarxiom access memory RAM. in a read 40 
only memory ROM and on a photo magnetic disk of the 
program execution device, and the main processings are 
carried out in the program execution device. The identi- 
fier A of the software supplier portion and the software 
used by ttie user portion may be contained in the same 4s 
storage medium as the storage medium for the enci- 
phered program Pi sokJ by the software house. 

The operation of the network shown in Rg. 2 will be 
explained below. The conditions of the operation are 
assumed such that (1) the user portion owns an Informa- so 
tion carrier device containing the secret key of tills user 
portion, (2) the target program will not work if tiie user is 
not the authorized user. (3) backing up can be carried 
out freely, and (4) handling of the virus prok)Iem is ena- 
t}led by checking for dishonest alteration of the data. ss 

In the operation, first, all or a part of the program P 
to be delivered from the software supplier portion 1 to 
the user portion 3 is preliminarily enciphered by the spe- 
cific key Kby using theencryption algorithm such as DES 



to produce tiie enciphered program Pi. After that tiie 
er^iphered program Pi is registered in the software 
administration center portion 2. 

In the portion 2, tiie enciphered program Pi is com- 
pressed by using a Hash Function to produce tiie com- 
pressed enciphered program P2 which is eixiphered by 
using an encryption algorithm such as DES to produce 
the enciphered compressed program P3. The key r is 
enciphered by using tiie encryption k^ K(SI •A) which 
is common to the software supplier portion or the soft- 
ware and tiie user portion to produce the endphered key 
ri. 

At the time of. or after tiie receipt of, Pi, ri, and P3, 
the user portion 3 informs this receipt to the software 
supplier portion 1 and the like. 

In the software supplier portion, the specific key K 
of the program is enciphered by using the encryption key 
K(Si • A) which is comnrK>n to the software supplier por- 
tion or the software and the user portion to produce the 
enciphered key Ki which is delivered to the user portion. 
In tiie user portion, tiie installation of Ki. Pi, r^ and P3 
are carried out by using the exclusive installation soft- 
ware. 

In the user portion 3, each time the program execu- 
tion is canried out. Pi is deciphered t>y the loader soft- 
ware by using the information canier device 31 to 
produce the program Pi, and the deciphered program is 
converted by using the Hash Function to produce the 
compressed program P2. ri Is deciphered by using the 
key K(SI • A) which is comnrwn to the software supplier 
portion or the software and tiie user portion to produce 
r, and P3, is deciphered by using this r to produce the 
deciphered program P2. This dedphered program P2 is 
compared with the atx}ve-mentioned compressed pro- 
gram P2 so tiiat it can be deternvned whether or not dis- 
honest alteration of Pi has occurred. If the occurrence 
of a dishonest alteration is found, it is possOdle to raise 
an alarm. 

Since the enciphered algorithm Pi and the end- 
phered compressed algorithm P3 do not have the kfen- 
tification of the user portion 3. it is possible to 
preliminarily produce the same, and it is possible to 
deliver either from the software supplier portion 1 or from 
the software administi-ation center portion 2. 

Preferably, the information canrier device 31 which 
is attached to the program execution device 32 has a 
small size, a light weight, and a shape that does not need 
much space. Alternatively, the information carrier devtee 
is not necessarily provided and the program execution 
device itself may canry out ail operations. 

It will be understood ttiat, in the infomiation process- 
ing networi® shown in Rgs. 1 and 2, the use of the soft- 
ware, by a dnple operation, can be allowed for only the 
authorized user portion, the use by other user portions 
being exduded. and a dishonest alteration of the soft- 
ware by a virus can be' detected and an alarm raised. 
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7. The system according to daim 3. wherein the con- 
verted program Is enciphered by i^lng a key which 
is common to the user portion and the software or 
the software siipplier portion produced by applying 
5 the identifier of the user portion to the secret algo- 
rithm which is specific to the software or the software 
supplier portion In the software administration 
center portion, arxl the endphered converted pro- 
gram is deciphered by using the key which is com- 
10 mon to the software or the software supplier portion 
produced by applying the identifier of the software 
supplier portion to tiie secret algoritiim which is spe- 
cific to the user portion in the user portion. 

15 8. A system for protecting software comprising: a soft- 
ware supplier portion for enciphering a program by 
a first key to produce an enciphered program and 
enciphering the first key by a second key to produce 
the encq3hered first 1^, supplying this enciphered 
20 program to a software administration center portion, 
and preparing to supply the enciphered program and 
the enciphered first key to a user portion; 

the software administration center portion 
connected to said software supplier portion for con- 
25 verting the supplied encqphered program to produce 
the converted enciphered program, enciphering tills 
converted program by a third key to produce an enci- 
phered converted program, enciphering the third key 
by a fourth key to produce the endphered third key. 
30 and preparing to supply these enciphered converted 
program and enciphered third key to the user por- 
tion; and 

the user portion connected to said software 
supplier portion and said software administration 
35 certter portion, when the program is used, for con- 
verting the enciphered program in a predetermined 
manner to produce the converted program; ded- 
phering the &iciphered third key by a fifth key to pro- 
duce the deciphered third key. deciphering the 
40 enciphered converted program by the third key to 
produce the dedphered converted program, com- 
paring this deciphered converted program and the 
converted program, and, only when the compared 
converted programs coindde, carrying out an exe- 
45 cution of tiie program deciphered by the first key 
deciphered by a sixtii key. 



Claims 

1 . A system for protecting software comprising: a soft- 
ware supplier portion for preparing to supply a pro- 
gram to a software administration center portion and 
a user portion; 

a software administration cerrter portion con- 
nected to said software supplier portion for convert- 
ing the supplied program in a predetermined manner 
and preparing to supply this converted program to 
the user portion; and 

a user portion connected to said software 
supplier portion and said software administration 
center portion, for converting the supplied program 
in a predetermined manner, comparing this con- 
verted program with the converted program supplied 
from said software administration center portion, 
and. only when these compared converted pro- 
grams coindde, carrying out a program execution. 

2. The system according to claim 1 , wherein the pro- 
gram is endphered, and, when the program is deter- 
mined by the user portion to be executable, the 
endphered program Is dedphered. 

3. The system according to claim 1, wherein the con- 
verted program supplied from tiie software adminis- 
tration center portion to tiie user portion is 
enciphered, and, when at least tiie program Is used 
by the user portion, the endphered program Is ded- 
phered. 

4. The system according to claim 2, wherein the pro- 
gram is endphered in the software supplier portion 
by using a public key based on a request from the 
user portion or a public f Oa and tiie enciphered pro- 
gram is dedphered by using the secret key in the 
user portion. 

5. The system according to daim 3, wherein tiie con- 
verted program is enciphered by using the secret 
k^ of the software administration center portion in 
the software administration center portion, and the 
enciphered program is dedphered by using the pub- 
lic key of the software administration center portion 
in the user portion. 

6. The system according to daim 2, wherein tiie pro- 
gram is enciphered by using a key which is common 
to tiie user portion pix)duced by applying tiie identi- so 
ficator of tiie user portion to tiie secret algorithm 
which is specific for the software or the software sup- 
plier portion in the software supplier portion, and the 
endphered program is deciphered by using tiie key 
which is common to the software or the software 5s 
supplier portion produced by applying the kientifler 

of tiie software or the software supplier portion to 
the secret algorithm, which is specific to the user 
portion, in the user portion. 



9. The system according to claim 8, wherein the sec- 
ond key is the public key of the user portion, the sixth 
key is the secret key of the user portion, the fourth 
k^ is tiie seaet key of the software administration 
center portion, and the fifth key is the public key of 
the software administration center portion. 

10. The system according to claim 8, wherein the sec- 
ond key is the key which is common to the user por- 
tion produced by applying the identifier of tiie user 
portion to the seaet algorithm of the software sup- 
plier portion or the software, and the fifth and sixth 
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keys are the keys which are common to the software 
supplier portion or the software produced by apply* 
ing the identifier of the software supplier portion or 
the software to tiie secret algorrtiim of the user por- 
tion, and the fourth key is the key which is common 5 
to the user portion produced by applying tfie identi- 
fier of the user portion to tfie secret algorithm of tiie 
software supplier portion or the software owned by 
the software administration center portion. 



so 



EP0718^A1 




8 



EP0718756A1 




9 



EP0718756A1 



INTERNATIONAL SEARCH REPORT 



Intenutiooal a(^icatioD No. 

PCT/JP95/01344 



A. CLASSmCATION OF SUBJECT MATTER 

Int. Cl^ G06F9/06 
According Co loteroational Pateot OasstficatioD (IPC) or to both aatioDal d wificatiott and IPC 



B. FIELDS SEARCHED 



Miaimuin documeotitioQ seardicd (dassificatioD tytiem followed bf daasincation symbols) 

Int. Cl6 G06F9/06 



Documenutioo tetrcbed other than mtaimiiai doeumeaiaitoa to die extent that such docwDeots sre indiided ia the fields seaicbed 

Jitsuyo Shinan Koho 1926 - 1994 

Kokai Jitsuyo Shinan Koho 1971 - 1994 



Electranic datt base ooandied diiriag die iBtenadoaal seaicb (name of data base and, where pracdcable, search tenns used) 



C DOCUMENTS CONSIDERED TO BE RELEVANT 



Category* 



Qtation of document, with ind'tcatioo^ where s{^)ro;mate, of the relevant passages 



Relevant to daim No. 



X 



X 
Y 



X 

y 

Y 

y 



JP, 5-173892, A (NEC Corp.), 

July 13, 1993 (13. 07. 93) (Family: none) 



JP, 4-163627, A (Hitachi, Ltd.), 

June 9, 1992 (09. 06. 92) (Family: none) 



JP, 4-338823, A (NTT Data Communications 
Systems Corp • ) , 

November 26, 1992 (26. 11. 92) (Family: none) 

JP, 4-238536, A (NEC Software, Ltd.), 
August 26, 1992 (26. 08. 92) (Family: none) 

JP, 63-36634, A (Advance Corp.), 
February 17, 1988 (17. 02. 88) 
& WO, 8801120, Al & EP, 277247, Al 
& US, 5016276, A 

JP, 63-107667, A (Advance Corp.), 



Ir 2 
3-10 



Ir 3 

2, 4-10 



1 

2-10 
1-10 

6, 7, 10 
6, 7, 10 



3cl Further documents are listed in the oontintiation of Box C | | See patent Ginitly annex. 



SpecUl cacegDfies of dted docoaseatt: 

A** docsmeat defini^ tte geneist ttau of Ihe ait wUcfa it not considmd 
to be of ptrtictiUr rdevaeoe 

**E** earlier documeat bat published oo or after the latenadoaal fiUag dale 
"L** docomeat which mtj throw dovbis oa priority cialni(s)or which is 
died to establish the pnblicatloo datt of aaolher diatioa or other 
apeciat reasoa (as speofled) 

**0** dDeoaMBi icfbfring to aa oial dbdosure, nse, eochlbitiea or other 

docBBieat published prior to the iateroatioDal fUiagdate bat later than 
the prieriiy datt dafaned 



nr later docnmempoblisbed after the tntcnsatioiial Cling daSeor priority 
datt aad sot ia ooafUd widi the applkatioa bat citod fio oadetitaBd 
the priadple or theoiy oaderiyisg the iaveaiion 

**X** docaflBeatofpanicatarielevaace; diedaboediDveDtioacaeaotbe 
ooBsideicd novel or caaaot be considered to iovolve aa ieveativB 
step whea the docamem is takes alone 

T** rfiTfTamtt *f ptfiirrltf t***^***^ ^ ri^itM^ !iw»ttti<M> cMiMt lye 
ooosidcfed lo involve aa laveative sttp whea the doeaaeat is 
oombiaed with oae or mofootbcr each docttmeats,sach eooibiaadoo 
being obviooa to a peison skilled in the art 

***** doeaakentBBember of the same patent CaaiUy 



Date of the actual completion of the intematiooal search 
September 4, 1995 (04. 09. 95) 



Date of mailing of the international search report 

September 26, 1995 (26. 09. 95) 



Name and mailing address of the ISA/ 

Japcuiese Patent Office 
Facsimile No. 



Anthorized ofHcer 



Tel^jhooe No. 



Fonn fCrnSA/liO (seoood aheet) (luly 1992) 



10 



EP0718 756A1 



INTERNATIONAL SEARCH llEPORT 



lotematioiul a|>plicatiQn No. 

PCT/JP95/01344 



C (Continuation). DOCUMENTS CONSIDERED TO BE RELEVANT 



Category^ 



QtBlioo of docoment. with indicttion, where appropriate, of the relevant passages 



Relevant to claim No. 



May 12, 1988 (12. 05. 88) 

& WO, 8801120, Al & EP, 277247, Al 

& US, 5016276, A 



FCr/ISA/210 (continuation of second sheet) (July 1992) 



11 



-I sT'se 



Europe«P.te»t SUPPLEMENTARY " Appii««to. N«.b« 

EUROPEAN SEARCH REPORT ^^07 



DOCUMENTS CONSIDERED TO BE RELEVANT 



CatcgMy 



Citation of document wilb 
of-rclevant 



indication, where appropriate. 



Relevant 
to claim 



CMSSmCAIION OF THE 
APPUCATION OntCLQ 



P.Y 
A 

A 

A 



US-A-5 343 527 (MOORE JAMES W) 30 August 
1994 

* abstract; figures 1-7 * 

* column 2, line 8 - column 3, line 48 * 

* column 5» line lO - line 26 * 

* column 6, line 55 - column 7, line 68 * 

* column 8» line 51 - column 10, line 14 ' 



1-5,8,9 



G06F9/06 
G06Fl/eO 



6.7,10 



US-A-5 291 598 (GRUNDY GREGORY) 1 March 
1994 

US-A-5 103 476 (WAITE DAVID P ET AL) 7 
April 1992 

US-A-4 658 093 (HELLMAN MARTIN E) 14 April 
1987 



TECHNICAL FIELDS 
SEARCHED (bt.CI.6) 



G06F 



The nipplcnKntary search report ha 
iip for the claims attached hereto. 



THE HAGUE 



DiteeroMivlclloaof tk« mmtk 

5 September 1996 



Powell, D 



CATEGORY OF dTED DOCUMENTS 

X : partlcnUriy rdeVMt if takea aJon« 

Y : pvtlculariy rdcvant if combined wltb another 

document of the saia« category 
A : technological background 
O : Bon-writtcn disdosore 
P : intcnacdiatc document 



T : thcoffy or principle undcriying the Invention 
E : cariicr patent document, but pubGslicd bb, or 

after the filing date 
D : document dted in the application 
L : document dtcd for other rcuons 



member of the same patent family, corresponding 
document 



r. e • o 

o D • • • ♦ 

r o • 

CO • 



r 

c 

o © 

e o 



e • • 

c o 



• c 

• » 



- 14 ~ 



f^y A system for protecting software comprising: a 
softwafre supplier portion for preparing to supply a 
program to a software administration center^portiorp and a 
user portion; 

a software administration center portion 
connected to said software supplier portion for 
converting the supplied program in a predetermined manner 
and preparing to supply this converted program to the 
user portion; and 

a user portion connected to said software 
supplier portion and said software administration center 
portion, for converting the supplied program in a 
predetermined manner, comparing this converted program 
with the converted program supplied from said software 
administration center portion, and, only when these 
compared converted programs coincide, carrying out a 
program execution. 

2. The system according to claim 1, wherein the 
program is enciphered, and, w hen the program is 
determined by the user portion to be executable , the 
enciphered program i s deciphered. 

3. The system according to claim 1, wherein the 
converted program supplied from the software 
administration center portion to the user portion is 
enciphered, and, when at least the program is used by the 
user portion, t he enciph er ed program is deciphered. 

4. The system according to claim 2, wherein the 
program is enciphered in the software supplier portion by 
using a public key based on a request from the user 
portion or a public file, and the enciphered program is 
deciphered by using the secret key in the user portion. 

5. The system according to claim 3, wherein the 
converted program is enciphered by using the secret key 
of the software administration center portion in the 
software administration center portion, and the 
enciphered program is deciphered by using the public key 



of the software administration center portion in the user 
portion. 

6. The system according to claim 2, wherein the 
program is enciphered by using a key which is common to 
the user portion produced by applying the identif icator 
of the user portion to the secret algorithm which is 
specific for the software or the software supplier 
portion in the software supplier portion^ and the 
enciphered program is deciphered by using the key which 
is common to the software or the software supplier 
portion produced by applying the identifier of the 
software or the software supplier portion to the secret 
algorithm^ which is specific to the user portion, in the 
user portion. 

7. The system according to claim 3, wherein the 
converted program is enciphered by using a key which is 
common to the user portion and the software or the 
software supplier portion produced by applying the 
identifier of the user portion to the secret algorithm 
which is specific to the software or the software 
supplier portion in the software administration center 
portion^ and the enciphered converted program is 
deciphered by using the key which is common to the 
software or the software supplier portion produced by 
applying the identifier of the software supplier portion 
to the secret algorithm which is specific to the user 
portipnx in the. user portion. 

/ey A system for protecting software comprising: a 
softWre supplier portion for enciphering a program by a 
first key to produce an enciphered program and 
enciphering the first key by a second key to produce the 
enciphered first key, supplying this enciphered program 
to a software administration center portion, and 
preparing to supply the enciphered program and the 
enciphered first key to a user portion; 

the software administration center portion 
connected to said software supplier portion for 



converting the supplied enciphered program to produce the 
converted enciphered program, enciphering this converted 
program by a third key to produce an enciphered converted 
program, enciphering the third key by a fourth key to 
produce the enciphered third key, and preparing to supply 
these enciphered converted program and enciphered third 
key to the user portion; and 

the user portion connected to said 
software supplier portion and said software 
administration center portion, when the program is used, 
for converting the enciphered program in a predetermined 
manner to produce the converted program; deciphering the 
enciphered third key by a fifth key to produce the 
deciphered third key, deciphering the enciphered 
converted program by the third key to produce the 
deciphered converted program, comparing this deciphered 
converted program and the converted program, and, only 
when the compared converted programs coincide, carrying 
out an execution of the program deciphered by the first 
key deciphered by a sixth key. 

9. The system according to claim 8, wherein the 
second key is the public key of the user portion, the 
sixth key is the secret key of the user portion, the 
fourth key is the secret key of the software 
administration center portion, and the fifth key is the 
public key of the software administration center portion- 

10. The system according to claim 8, wherein the 
second key is the key which is common to the user portion 
produced by applying the identifier of the user portion 
to the secret algorithm of the software supplier portion 
or the software, and the fifth and sixth keys are the 
keys which are common to the software supplier portion or 
the software produced by applying the identifier of the 
software supplier portion or the software to the secret 
algorithm of the user portion, and the fourth key is the 
key which is common to the user portion produced by 
applying the identifier of the user portion to the secret 



algorithm of the software supplier portion or the 
software owned by the software administration center 
portion. 



